Course Extras

As promised, I shall be updating content that I find relevant to the course but for one reason or another had not included in the course.

1. Advanced Threat Analytics (ATA) suspicious activity guide aka IOCs

2. Javelin vs Microsoft ATA

3. Microsoft Baseline Security Analyzer 2.3

4. Bloodhound is now on Kali!!BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attacks can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.

5. Awesome resources on github to exploit Windows..

6. Microsoft signed mimikatz \o/ > Subverting Trust in Windows

7. User Access Control is not a security boundary! We actually saw live demos of this, read more

8. AMSI bypass?

9. Securing Windows with group policy..

10. More on defending powershell attacks..

11. More on how to hunt for lateral movement..

%d bloggers like this: